Название: CASP+ CompTIA Advanced Security Practitioner Practice Tests
Автор: Nadean H. Tanner
Издательство: John Wiley & Sons Limited
Жанр: Зарубежная компьютерная литература
isbn: 9781119813064
isbn:
77 The corporate network has grown to a point where the management of individual routers and switches is problematic. Your CISO wants to move to a solution where the control function of the routers and switches are centralized, leaving the routers and switches to perform the basic forwarding of traffic. Which technology best performs this function?CDCNASSANSDN
78 A security engineer is concerned that logs may be lost on their hybrid SDN network if the devices should fail or become compromised by an attacker. What solution ensures that logs are not lost on these devices?Configuring a firewall on the local machineArchiving the logs on the local machineSending the logs to a syslogInstalling a NIPS
79 Your CISO watched the news about the latest supply chain breach and is genuinely concerned about this type of attacks affecting major organizations. He asks you, as a security analyst, to gather information about controls to put into place on your SDN network to stop these attacks from affecting your organization. How do you begin this process?Get the latest IOCs from OSINT sourcesResearch best practicesUse AI and SIEMPerform a sweep of your network using threat modeling
80 Cameron is a newly promoted network security administrator. His manager told him to start building his physical and SDN topology map with a concentration on finding out what ports are open on which assets across the entire enterprise. What tool will accomplish the task?NetcatNmapBurpSuiteIPConfig
81 Your organization has opted into a hybrid cloud solution for all your strategic organizations with multiple verticals with different IT requirements. Which one of these is an advantage?Flexible, scalable, reliable, and improved security postureStrong compatibility and integration requirementsComplexity as the organization evolvesCan be very expensive
82 While performing unit testing on software requested by your department, you found that privilege escalation is possible. Privilege escalation means that an attacker can elevate their privilege on a system from a lower level to an administrator level. What two performance unit testing techniques do you need to use?Vertical and horizontalLeft and rightNorth to southRing 1 to 3
83 Phillip's financial company experienced a natural disaster, used a hot site for three months, and now is returning to the primary site. What processes should be restored first at the primary site?Finance departmentExternal communicationMission criticalLeast business critical
84 You work in law enforcement supporting a network with HA. High availability is mandatory, as you also support emergency 911 services. Which of the following would hinder your HA ecosystem?Clustered serversPrimary firewallSwitched networksRedundant communication links
85 Mark has been tasked with building a computer system that can scale well and that includes built-in logic for interfacing with many types of devices, including SATA, PCI, and USB, as well as GPU, network processors, and AV encoders/decoders. What type of system should he build?MatrixHeterogeneousLLCMeshed network
86 Not having complete control over networks and servers is a real concern in your organization, and upper management asks you if the company's data is genuinely secure now that you have migrated to the cloud. They have asked you to present industry research at the next board of directors meeting to answer questions regarding cloud security and your company's cyber-resilience. What research would be of most interest to the board of directors?Processor power consumptionEncryption modelsCOCOACACAO
87 While investigating threats specific to your industry, you found information collected and analyzed by several companies with substantive expertise and access to source information. Which of these is the least beneficial item to your organization after subscribing to threat intelligence information?Determining acceptable business risksDeveloping controls and budgetsMaking equipment and staffing decisionsCreating a marketing plan for your product
88 Andrew has evaluated several unified communications (UC) vendors. He has a need for one with their own data center facility hosting their own instance of the platform with built-in redundant power, remote backup, and secured entry as well as 24/7 staffing. Why would a UC vendor have minimal data center security?Cost savingsCompliance requirementsEase of setup and usePerfect forward secrecy
89 Your organization slowly evolved from simply locking doors to RFID-enabled cards issued to employees to secure the physical environment. You want to protect these cards from cloning, because some parts of your organization host sensitive information. What should you implement?EncryptionIDRHIDSNIPS
90 Damien is a security architect for a large enterprise bank that recently merged with a smaller local bank. The acquired bank has a legacy virtual cluster, and all these virtual machines use the same NIC to connect to the LAN. Some of the VMs are used for hosting databases for HR, and some are used to process mortgage applications. What is the biggest security risk?Shared NICs negatively impacting the integrity of packetsBridging of networks impacting availabilityAvailability between VMs impacting integrityVisibility between VMs impacting confidentiality
91 One of the biggest issues your CISO has with migrating to more cloud environments is the process of acquiring and releasing resources. Technical as well as operational issues are associated with these processes. What type of procedure documentation should you create to help with this?How to authenticate and authorizeHow to dynamically provision and deprovisionHow to use SaaS, IaaS, and PaaSHow to build a Type 2 hypervisor
92 You have received an RFQ response from a software company, which makes a tool that will allow you to record all changes in a single change management tool. This tool will track scheduling change, implementing change, the cost of change, and reporting. What type of software is this called?Vulnerability managementChange controlSecurity information and event managementAutomation
93 You are investigating a new tool that helps identify, analyze, and report on threats in real time based mostly on logs. What is the best solution?SOARAntivirusXSSPort scanner
94 Steve is a software developer for a large retail organization. His CISO returned from a large conference and asked him to clarify exactly what the benefit of a container in software development is over virtual machines. Which of these is the best succinct answer?In a VM, hardware is virtualized to run multiple OS instances. Containers virtualize an OS to run multiple workloads on a single OS instance using a container engine.In a container, hardware is virtualized to run a single OS, where a VM can run multiple applications across multiple assets with a single OS.A VM is virtualized technology, but a container is not.A container is the same thing as a virtual machine, just smaller in size.
95 As a leader in your organization in DevOps, you want to convince your CISO to move toward containerization. Which of these is not an advantage to using containers over VMs?Reduced and simplified security updatesLess code to transfer, migrate, and uploadQuicker spinning up applicationsLarge file size of snapshots
96 At the latest IT department meeting, a discussion on the best virtual methodology centered around using VMs versus containers. Which of these statements best aligns with those two models?VMs are better for lightweight native performance, whereas containers are better for heavyweight limited performance.VMs are for running applications that need all the OS has to offer, whereas containers are better when maximizing number of applications on minimal resources.VMs share the host OS, whereas containers run on their own OS.Containers are fully isolated and more secure, whereas VMs use process-level isolation.
97 Ross is a security manager looking to improve security and performance of his unified communications (UC) server. Which of the following options might help with decreasing the attack surface?Adding more usersAdding more devicesTurning off unused servicesEase of setup
98 After analyzing traffic flows on the network, your department noticed that many internal users access the same resources on the Internet. This activity utilizes СКАЧАТЬ